Transcription

2 Objectives Understand the importance of information security in today s world Understand the elements of security Identify the phases of the hacking cycle Identify the different types of hacker attacks Understand hacktivism

4 Case Example Jeffrey, a 10th-grade student, loves reading any book One day, he found a book titled Basics of Hacking Having always wondered how hacking works, he immediately started reading After reading the book, Jeffrey was eager to put some of his new knowledge into practice Jeffrey launched the tools from a CD that was offered with the book and discovered plenty of loopholes in the network Is anything wrong with Jeffrey s actions? Are his actions justified?

5 Introduction to Ethical Hacking Hackers have various motivations for breaking into secure systems Duty of system administrators and network security professionals To guard their infrastructure against exploits by knowing the enemies who seek to use the same infrastructure for their own purposes One of the best ways to do this is to hire an ethical hacker Someone who has all of the skills of a malicious hacker, but is on the client s side

6 Importance of Security Today, almost every company is becoming completely networked, exchanging information almost instantly Of utmost importance to secure these assets from outside threats Security policy Specification for how objects in a security domain are allowed to interact There is an increased dependency on computers Any disruption in their operation or integrity can mean the loss of time, the loss of money, and sometimes even the loss of life

7 Threats and Vulnerabilities Vulnerability Weakness in a defined asset that could be taken advantage of or exploited by some threat Threat Action or event that might compromise security Every vulnerability does not lead to an attack, and all attacks do not result in success Factors that result in the success of an attack include the degree of vulnerability, the strength of the attack, and the extent to which countermeasures are adopted

8 Attacks Target of evaluation Information resource or asset that is being protected from attacks Attack Deliberate assault on that system s security Attacks can be broadly classified as active and passive Attacks can also be categorized as inside or outside attacks

9 Security Breaches Exploit Specific way to breach the security of an IT system through a vulnerability Exposure What comprises a breach of security Can vary from one company to another, or even from one department to another Imperative for organizations to address both penetration and protection issues

10 Exposure Exposure Loss due to an exploit Examples of loss include disclosure, deception, disruption, and usurpation Vulnerability is the primary entry point an attacker can use to gain access to a system or to its data Once the system is exposed, an attacker can collect confidential information with relative ease, and usually erase his or her tracks afterwards

11 Elements of Security Security: state of well-being of a system s data and infrastructure Assurance Confidence that the system will behave according to its specifications Accountability System administrators or concerned authorities need to be able to know by whom, when, how and why system resources have been accessed Reusability or availability Generally, not all resources are available to all users

12 The Security, Functionality, and Ease of Use Triangle Figure 1-1 Moving toward security means moving away from functionality and ease of use.

13 The Growth of Hacking Originally, hacking required extraordinary computer skills to go beyond the intended uses of computer systems Today there are automated tools and codes available on the Internet that make it possible for almost anyone to successfully hack a system A victim will often keep the attack secret in order to save face Even in the event of a devastating compromise

14 Phases of an Attack In general, there are five phases that make up an attack: Reconnaissance Scanning Gaining access Maintaining access Covering tracks

15 Phase 1 Reconnaissance Reconnaissance Preparatory phase where an attacker gathers as much information as possible about the target prior to launching the attack Reconnaissance types Passive: attacker does not interact with the system directly Active: attacker interacts with the target system by using tools to detect open ports, accessible hosts, router locations, network mapping, details of operating systems, and applications

16 Phase 2 Scanning Attacker uses the details gathered during reconnaissance to identify specific vulnerabilities An attacker can gather critical network information, such as the mapping of systems, routers, and firewalls By using simple tools such as the standard Windows utility Traceroute Port scanners can be used to detect listening ports to find information about the nature of services running on the target machine Vulnerability scanners: most commonly used tools

17 Phase 3 Gaining Access Gaining access Where most of the damage is usually done, yet hackers can cause plenty of damage without gaining any access to the system Access can be gained locally, offline, over a LAN, or over the Internet A hacker s chances of gaining access into a target system are influenced by factors such as: Architecture and configuration of the target system Skill level of the perpetrator Initial level of access obtained

18 Phase 4 Maintaining Access Attackers, who choose to remain undetected Remove evidence of their entry Install a backdoor or a Trojan to gain repeat access Install rootkits at the kernel level to gain full administrator access to the target compute Hackers can use Trojans to transfer user names, passwords, and any other information stored on the system Organizations can use intrusion detection systems or deploy traps known as honeypots and honeynets to detect intruders

19 Phase 5 Covering Tracks Attackers will usually attempt to erase all evidence of their actions Trojans such as ps or netcat are often used to erase the attacker s activities from the system s log files Steganography Process of hiding data in other data, for instance image and sound files Tunneling Takes advantage of the transmission protocol by carrying one protocol over another

20 Types of Hacker Attacks Operating system attacks Today s operating systems contain many features, making them increasingly complex Application-level attacks Software developers often do not have time to completely test their products before shipping them Shrink-wrap code attacks Software developers will often use free libraries and code licensed from other sources in their programs If vulnerabilities in that code are discovered, many pieces of software are at risk Misconfiguration attacks

22 Ethical Hackers Ethical hackers Information security professionals who specialize in evaluating and defending against threats from attackers Possess excellent computer skills and are committed to using those skills in protecting the integrity of computer systems rather than hurting them Ethical hackers categories: Former black hats White hats Consulting firms

23 What Do Ethical Hackers Do? Ethical hacker s evaluation of a client s information system security seeks answers to three basic questions: What can an attacker see on the target system? What can an intruder do with that information? Are the attackers attempts being noticed on the target systems? Ethical hacker must also remember to convey to the client that that it is never possible to guard systems completely However, they can always be improved

24 Can Hacking Be Ethical? Today, the term hacking is closely associated with illegal and unethical activities Most companies use IT professionals to audit their systems for known vulnerabilities Ethical hackers usually employ the same tools and techniques as attackers With the important exception that once access is gained, no damage is done Important distinction between ethical hackers and crackers is consent

25 Skills of an Ethical Hacker Ethical hackers must be computer experts Must have a strong grasp on programming and networking Should be comfortable with installing and maintaining systems using all popular Oss Ethical hackers must possess detailed knowledge of both hardware and software Any ethical hacker must have plenty of patience

26 What Is Vulnerability Research? Vulnerability research includes: Discovering system design faults and weaknesses that might allow attackers to compromise a system Keeping informed of new products and technologies in order to find news related to current exploits Checking underground hacking Web sites for newly discovered vulnerabilities and exploits Checking newly released alerts regarding relevant innovations and product improvements for security systems

27 Why Hackers Need Vulnerability Research Reasons: To identify and correct network vulnerabilities To protect the network from being attacked To get information that helps to prevent security issues To gather information about viruses and malware To find weaknesses in the network and to alert the network administrator before a network attack To know how to recover from a network attack

29 Conducting Ethical Hacking Each ethical hacking assignment has six basic steps: Talk with the client about the importance of security and the necessity of testing Prepare NDA (nondisclosure agreement) documents and have the client sign them Prepare an ethical hacking team and create a schedule for testing Conduct the test Analyze the results and prepare the report Deliver the report to the client

30 How Do They Go About It? Security testing involves three phases: preparation, conduct, and conclusion After discussing security issues with the client, a formal contract should be drawn up that contains NDA, to protect the client s confidential data Clause stating that the ethical hacker has full consent of the client to hack into their systems Conduct phase Two most common approaches: Limited vulnerability analysis Attack and penetration testing

31 How Do They Go About It? (cont d.) The needs of the client Clients will often prefer a limited vulnerability analysis because they do not want to lose any data or risk any unintended damage While conducting an evaluation, ethical hackers may come across security holes that cannot be fixed within the predetermined time frame Client should be warned of this Final phase is the conclusion phase Report is prepared for the client

32 Ethical Hacking Testing Approaches fall into one of three categories: white box testing, black box testing, and gray box testing Black box testing Ethical hacker is given no prior knowledge or information about a system White box testing Ethical hacker is given full advance knowledge of the system Choosing a testing method Debate continues over whether black box testing or white box testing is more beneficial Also consider monetary resources and time factors

33 Ethical Hacking Deliverables In the conclusion phase, the ethical hacker creates a detailed report for the client Analyzing the possibility and impact of hacking Vulnerabilities that were detected are explained in detail Along with specific recommendations to patch them in order to bring about a permanent security solution Client may also solicit the participation of its employees by asking them for suggestions or observations during the course of the evaluation Final report should be delivered only in a hard copy

34 Computer Crimes and Implications Computer crimes can be separated into two categories: Crimes facilitated by use of a computer Crimes where the computer is the target Cyber Security Enhancement Act 2002 allows life sentences for hackers who recklessly endanger the lives of others For more information, visit the United States Department of Justice s Cyber Crime and Intellectual Property section at cybercrime.gov

35 Case Example Revisited Were the actions of Jeffrey, our 10th-grade computer prodigy, legal or ethical? The answer is, while his intentions were honest and innocent, it must be considered unethical The key difference between Jeffrey and an ethical hacker is that the ethical hacker always obtains written permission before attempting to access any system through unauthorized means

37 Summary (cont d.) Vulnerability research can be done via several Web sites Security testing involves three phases: preparation, conduct, and conclusion Cyber crime is underreported, but taken very seriously when it is

1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and

Penetration Testing Service By Consulting February, 2007 Background The number of hacking and intrusion incidents is increasing year by year as technology rolls out. Equally, there is no hiding place your

How to build and use a Honeypot By Ralph Edward Sutton, Jr DTEC 6873 Section 01 Abstract Everybody has gotten hacked one way or another when dealing with computers. When I ran across the idea of a honeypot

Tim West Consulting 6807 Wicklow St. Arlington, TX 76002 817-228-3420 Twest@timwestconsulting.com OVERVIEW Tim West Consulting Tim West Consulting is a full service IT security and support firm that specializes

Introduction to Ethical Hacking and Network Defense January 14, 2010 MIS 4600 - Abdou Illia Objectives Describe the role of an ethical hacker Describe what can an ethical hacker legally do Describe what

WHITE PAPER CHALLENGES Protecting company systems and data from costly hacker intrusions Finding tools and training to affordably and effectively enhance IT security Building More Secure Companies (and

PENETRATION TESTING A SYSTEMATIC APPROACH INTRODUCTION: The basic idea behind writing this article was to put forward a systematic approach that needs to be followed to perform a successful penetration

SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and

MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

Digital Barracuda Information Security Worms is Only the Tip FACT SHEET from Viruses and Worms is Only the Tip Do you have security with teeth? You had better, because if the worms don t get you, the viruses

Security Awareness For Server Administrators State of Illinois Central Management Services Security and Compliance Solutions Purpose and Scope To present a best practice approach to securing your servers

MONTHLY WEBSITE MAINTENANCE PACKAGES The security and maintenance of your website is serious business, and what you don t know can certainly hurt you. A hacked or spamvertised site can wreak havoc on search

PCI Compliance for Healthcare Best practices for securing payment card data In just five years, criminal attacks on healthcare organizations are up by a stunning 125%. 1 Why are these data breaches happening?

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current

Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended

Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for

Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

January 2013 Page 1 This paper describes the system philosophy and guidelines for keeping your DeltaV System secure from Cyber attacks. www.deltav.com January 2013 Page 2 Table of Contents Introduction...

Topic 1 Lesson 1: Importance of network security 1 Initial list of questions Why is network security so important? Why are today s networks so vulnerable? How does Melissa virus work? How does I love you

ISSECO Syllabus Public Version v1.0 ISSECO Certified Professional for Secure Software Engineering Date: October 16th, 2009 This document was produced by the ISSECO Working Party Syllabus Introduction to

DSL and Cable Modems: The Dangers of Having a Static IP Address By Joe Edwards ECE 478 Spring 2000 1.0 Introduction As computer technology continues to rapidly progress, more and more people are abandoning

HONEYPOT SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND Introduction > New security threats are emerging all the time, from new forms of malware and web application exploits that target

External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must

Banking Security using Honeypot Sandeep Chaware D.J.Sanghvi College of Engineering, Mumbai smchaware@gmail.com Abstract New threats are constantly emerging to the security of organization s information

White Paper PCI-DSS compliance and Software products The Payment Card Industry Data Standard () compliance is a set of specific security standards developed by the payment brands* to help promote the adoption

Student Tech Security Training ITS Security Office ITS Security Office Total Security is an illusion security will always be slightly broken. Find strategies for living with it. Monitor our Network with

PCI Security Scan Procedures Version 1.0 December 2004 Disclaimer The Payment Card Industry (PCI) is to be used as a guideline for all entities that store, process, or transmit Visa cardholder data conducting

Objectives After reading this chapter and completing the exercises, you will be able to: Describe the role of an ethical hacker Describe what you can do legally as an ethical hacker Describe what you can

THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced

Recommended Practice Case Study: Cross-Site Scripting February 2007 iii ACKNOWLEDGEMENT This document was developed for the U.S. Department of Homeland Security to provide guidance for control system cyber

Project Proposal Active Honeypot Systems By William Kilgore University of Advancing Technology Project Proposal 1 Project Proposal 2 Abstract Honeypot systems are readily used by organizations large and

Information Technology Security Review April 16, 2012 The Office of the City Auditor conducted this project in accordance with the International Standards for the Professional Practice of Internal Auditing

IS TEST 3 - TIPS FOUR (4) levels of detective controls offered by intrusion detection system (IDS) methodologies. First layer is typically responsible for monitoring the network and network devices. NIDS

Penetration Testing: Comprehensively Assessing Risk What is a penetration test? Penetration testing is a time-constrained and authorized attempt to breach the architecture of a system using attacker techniques.